Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912F1D5/EE0180780F6211EAA706AF3DC4F9AE02/C656F7264FBB11EF8BAE582DC4F9AE02.roa
File: C656F7264FBB11EF8BAE582DC4F9AE02.roa (raw, json)
Hash identifier: eUbimDJQ1NxNK6xjASjEeA5P/fagqwYmUYM8MsEHkD8=
Subject key identifier: 6E:19:FF:1D:67:9A:C7:A7:C9:06:A7:C6:3E:99:52:04:ED:D7:66:4F
Certificate issuer: /CN=A912F1D5/serialNumber=FBBA4A9609B4174E6CB47B95834E2A9C3D968663
Certificate serial: 0B96
Authority key identifier: FB:BA:4A:96:09:B4:17:4E:6C:B4:7B:95:83:4E:2A:9C:3D:96:86:63
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-7pKlgm0F05stHuVg04qnD2WhmM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912F1D5/EE0180780F6211EAA706AF3DC4F9AE02/C656F7264FBB11EF8BAE582DC4F9AE02.roa
Signing time: Thu 01 Aug 2024 04:19:12 +0000
ROA not before: Thu 01 Aug 2024 04:19:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 36026
IP address blocks: 116.193.216.0/24 maxlen: 24
116.193.217.0/24 maxlen: 24
116.193.218.0/24 maxlen: 24
116.193.219.0/24 maxlen: 24
116.193.220.0/24 maxlen: 24
116.193.221.0/24 maxlen: 24
116.193.222.0/24 maxlen: 24
116.193.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Aug 2024 07:33:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2966 (0xb96)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912F1D5/serialNumber=FBBA4A9609B4174E6CB47B95834E2A9C3D968663
Validity
Not Before: Aug 1 04:19:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66ab0cc0-b785
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ca:47:c6:ce:35:fe:99:72:52:28:62:8b:b9:
ae:eb:c9:58:c9:7b:d5:32:82:9e:d6:92:d9:8d:2f:
e2:53:04:cc:b7:92:d6:93:d3:a4:b3:d4:dd:c4:b9:
40:ea:1e:37:8d:56:51:ae:0d:4d:1c:f9:b2:b8:a4:
99:a5:7e:bf:ed:a2:85:11:fc:e9:20:17:be:0e:e0:
06:8c:42:df:1b:8f:2d:72:e9:28:91:c5:62:36:76:
b8:f9:e0:3d:1f:50:e0:1a:b3:bf:c1:65:64:23:b4:
ad:10:b5:ce:f1:5f:ea:16:d7:29:45:51:6b:d9:78:
f5:9d:12:7c:f7:d1:ce:33:4c:af:8e:94:02:4f:71:
32:db:82:78:aa:40:60:89:29:db:00:fb:29:7e:c6:
1f:2d:0c:7e:b5:32:bd:e0:5b:c1:a0:b2:a8:3f:b0:
51:bd:48:91:53:69:12:93:f1:8a:64:57:00:d0:9a:
f7:42:79:69:54:d9:11:32:f5:ce:aa:0c:4d:af:a6:
c9:12:5c:51:22:ef:80:b7:f8:19:77:db:aa:77:dc:
aa:c8:1a:74:22:ba:61:9b:dc:d7:d3:33:03:40:4b:
ce:ee:f7:02:37:87:cc:7a:8b:40:f0:d7:0a:00:ad:
05:0b:00:f3:4c:97:cc:b9:4c:dd:fb:4b:2c:d8:dd:
16:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:19:FF:1D:67:9A:C7:A7:C9:06:A7:C6:3E:99:52:04:ED:D7:66:4F
X509v3 Authority Key Identifier:
keyid:FB:BA:4A:96:09:B4:17:4E:6C:B4:7B:95:83:4E:2A:9C:3D:96:86:63
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912F1D5/EE0180780F6211EAA706AF3DC4F9AE02/-7pKlgm0F05stHuVg04qnD2WhmM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-7pKlgm0F05stHuVg04qnD2WhmM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912F1D5/EE0180780F6211EAA706AF3DC4F9AE02/C656F7264FBB11EF8BAE582DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
116.193.216.0/21
Signature Algorithm: sha256WithRSAEncryption
26:21:51:1c:12:f9:21:51:a1:cc:2b:06:db:9b:f2:a2:62:81:
c8:6b:be:95:53:0e:fa:e8:5d:06:78:f0:ca:91:3f:6b:a8:c0:
2a:d1:cb:3f:d7:fa:b3:7f:be:fb:fc:9f:ab:94:b4:8e:a6:95:
13:93:6c:02:93:53:6f:20:f2:07:4f:38:35:38:a2:e3:01:a9:
16:ba:60:50:a3:10:7b:8a:07:ec:34:55:27:f6:dd:b6:db:4a:
4c:92:c6:ff:79:e6:b7:dc:d8:d7:e2:91:36:6a:10:41:15:f2:
7b:0d:bf:ed:85:80:34:bd:84:fc:30:87:b1:f4:da:23:59:02:
32:9e:aa:b7:13:bc:85:b7:dd:b5:98:5f:37:ac:fb:59:b7:70:
df:14:7d:8d:b6:54:a1:5a:31:25:cf:94:d4:75:78:77:ed:e1:
ef:aa:86:43:16:f7:cf:0e:bc:34:83:ad:24:cd:14:32:f5:45:
ef:34:89:05:fe:a4:be:e1:46:c7:2c:51:fc:d2:03:b7:ea:df:
56:a7:14:ab:10:52:64:aa:2b:6d:ff:fb:40:85:78:8e:d8:35:
b9:d1:5e:a2:0a:95:24:cd:ab:31:a1:cc:a5:ec:ad:0a:b2:11:
d2:53:c3:65:b1:0b:ae:3c:7c:b6:0d:f9:1d:3b:7c:2f:06:6e:
f5:fc:0e:2c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICC5YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkYxRDUxMTAvBgNVBAUTKEZCQkE0QTk2MDlCNDE3NEU2Q0I0N0I5NTgzNEUyQTlD
M0Q5Njg2NjMwHhcNMjQwODAxMDQxOTEyWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmFiMGNjMC1iNzg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx8pHxs41/plyUihii7mu68lYyXvVMoKe1pLZjS/iUwTMt5LWk9Oks9TdxLlA
6h43jVZRrg1NHPmyuKSZpX6/7aKFEfzpIBe+DuAGjELfG48tcukokcViNna4+eA9
H1DgGrO/wWVkI7StELXO8V/qFtcpRVFr2Xj1nRJ899HOM0yvjpQCT3Ey24J4qkBg
iSnbAPspfsYfLQx+tTK94FvBoLKoP7BRvUiRU2kSk/GKZFcA0Jr3QnlpVNkRMvXO
qgxNr6bJElxRIu+At/gZd9uqd9yqyBp0Irphm9zX0zMDQEvO7vcCN4fMeotA8NcK
AK0FCwDzTJfMuUzd+0ss2N0WXQIDAQABo4IClTCCApEwHQYDVR0OBBYEFG4Z/x1n
msenyQanxj6ZUgTt12ZPMB8GA1UdIwQYMBaAFPu6SpYJtBdObLR7lYNOKpw9loZj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRjFENS9FRTAxODA3ODBG
NjIxMUVBQTcwNkFGM0RDNEY5QUUwMi8tN3BLbGdtMEYwNXN0SHVWZzA0cW5EMldo
bU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLy03cEtsZ20wRjA1c3RIdVZnMDRxbkQyV2htTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkYxRDUvRUUwMTgwNzgwRjYyMTFFQUE3MDZBRjNEQzRGOUFFMDIvQzY1NkY3MjY0
RkJCMTFFRjhCQUU1ODJEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAN0wdgwDQYJKoZIhvcNAQELBQADggEBACYhURwS+SFRocwr
Btub8qJigchrvpVTDvroXQZ48MqRP2uowCrRyz/X+rN/vvv8n6uUtI6mlROTbAKT
U28g8gdPODU4ouMBqRa6YFCjEHuKB+w0VSf23bbbSkySxv955rfc2NfikTZqEEEV
8nsNv+2FgDS9hPwwh7H02iNZAjKeqrcTvIW33bWYXzes+1m3cN8UfY22VKFaMSXP
lNR1eHft4e+qhkMW988OvDSDrSTNFDL1Re80iQX+pL7hRscsUfzSA7fq31anFKsQ
UmSqK23/+0CFeI7YNbnRXqIKlSTNqzGhzKXsrQqyEdJTw2WxC648fLYN+R07fC8G
bvX8Diw=
-----END CERTIFICATE-----
Generated at Mon Aug 12 10:21:00 2024 by rpki-client on console-fra.rpki-client.org